Are there any assurances that function local variables are protected from code calling the function?
For example, I would like to provide some cryptographic functions such as
function org_secure_string($string) {
$org_key = "a very random key";
return hash($string, $key);
}
function org_reveal_string($hash) {
$org_key = "a very random key";
return unhash($hash, $key);
}
I'd like to protect $org_key from any code following or using these functions. I've not yet found a way that it can be revealed, but I wonder if anyone here can give me a definitive answer whether or not it is possible.
Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
